Alerts

An issue was discovered in Django 5.1 before 5.1.1, 5.0 before 5.0.9, and 4.2 before 4.2.16. The urlize() and urlizetrunc() template filters are subject to a potential denial-of-service attack via...

An issue was discovered in Django v5.1.1, v5.0.9, and v4.2.16. The django.contrib.auth.forms.PasswordResetForm class, when used in a view implementing password reset flows, allows remote attackers...

In JetBrains TeamCity before 2024.07.3 password could be exposed via Sonar runner REST API

In JetBrains TeamCity before 2024.07.3 path traversal leading to information disclosure was possible via server backups

In JetBrains TeamCity before 2024.07.3 path traversal allowed backup file write to arbitrary location

In JetBrains TeamCity before 2024.07.3 stored XSS was possible in Backup configuration settings

In JetBrains TeamCity before 2024.07.3 stored XSS was possible via server global settings

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Payara Platform Payara Server (Admin Console modules) allows Remote Code...

A flaw exists whereby a user can make a specific call to a FlashArray endpoint allowing privilege escalation.

A SQL injection vulnerability in login portal in AnteeoWMS before v4.7.34 allows unauthenticated attackers to execute arbitrary SQL commands via the username parameter and disclosure of some data...